Hi All,

We have a remote desktop gateway server running windows server 2012 R2 standard serving 20 internal machines.The clients are connecting from their windows box (running windows 7 professional 64bitsp1) to the internal computers through remote desktop gateway server.

Recently after updating the remote desktop client to version 8.1 from 7.1 clients are not able to connect to the server.We dont want to downgrade remote desktop client.

I believe the issue is client is initiating a TLS 1.2 which the remote desktop gateway server does not support.

I am stuck for last three days..Please help me

Thanks in advance

Arjun

Here's the scenario:

We have about 15 developers who code on Fedora linux desktops. They also run Windows 7\8.1 clients via RDP to access certain network shares, Outlook 2010\2013, OneNote 2013, and that's pretty much it. These Windows clients are virtual machines that run in our VMware datacenter and would rather delete them to save system resources. 

What if Windows 2012 R2 Remote Desktop Services could mitigate the need for 15 Windows clients for the developers and present them with remote apps via RDS? I can certainly validate the functionality from a Windows box and I found that "WinConn" is able to it on Ubuntu (although, I tried it and didn't work. Might be something I did wrong). Nevertheless, no information on accomplishing this on the Fedora front. 

Anyone have any suggestions? Is this even possible?

Thanks.

I have a 2012r2 server running RDGW service in a DMZ providing remote desktop service to internal servers. I have only the GW service running, we do not use any session host servers in this deployment.

I am trying to get the web service running, however without a full RDS deployment, the RDS GUI is unavailable and I can't see any way to configure the web service without RDS running.

Is there any way I can configure the web access service in this situation? if so how

Thanks

We recently upgraded one of our customer's network (WAN) to Fiber and installed new routers in several sites. The customer is migrating from an iVPN scenario where multiple sites establish IPSec tunnels to a central router (in the company's HQ) to a scenario where the Central router is nor required for all sites to communicate with each other. All IP addressing was maintained. What the client is noticing is that in some sites the computers cannot initiate the remote desktop session when using the new fiber line and router (the login process happens, it tries to connect then returns an error) yet we can Telnet to the remote TS server over port 3389 without any problems...  when we switch back to the old ADSL line and router (computer maintains the IP Address) the computer can establish the Remote Desktop session without any problems.

Our Client's IT support is struggling with this problem and hasn't found a solution yet. It doesn't seem to be a connectivity issue as there are 3 sites that are working perfectly with the new fiber line and router. Could it be a licensing problem? Cloud there be some kind of binding that isn't released when the computer switches to the new fiber line and router (yet maintaining the same IP address)? I've read about NAP in TS Server, could it be something along those lines? The IT tech mentioned an Error 21 in the Server's Event Log...

The Licencing type is "Device", and according to the IT Tech there are licenses available.

Any ideas as to what might be behind this strange behaviour? I apologize if there are some important details or information that might be missing, but this isn't a product that I'm totally familiar with :-( I'm trying to help are customer in getting things up and running.

I thank you in advance for your attention into this matter.

José Carlos

Dell T620 (with proper cooling)

AMD Firepro S9000

Some background: I've been testing VDI with RemoteFX with great success in Server 2016 TPv4 and 5. Things perform well, my users are actually pleased with the performance. I now know how all of that works and that is great

My real question is, Should I or should I not be able to configure my server 2016 TPv5, with an AMD Firepro S9000 as a remote desktop session host and take advantage of remote FX through session based collections? I've set it up as best I know, but I'm getting very low FPS. In the VDI with RemoteFX example, I get 60FPS over a WAN connection. When using RDSH, I get 15 FPS which is not good.

Hello,

I'm in the process of deploying remote desktop services for our company to see if it's viable for our situation.
I've got everything working. The only thing that's bugging me is that the local FQDN is show when connecting to a full desktop session host.
I've set the "SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\<Collection>\RemoteDesktops\<Collection>\ShowInPortal" to 1 to show the Remote Desktop Connection shortcut in RD Web Access.

> Server certificates are all published in the RDS deployment properties. (We have bought a wildcard certificate from a trusted CA.)
- RDCB SSO: Trusted & OK
- RDCB Publishing: Trusted & OK
- RD Web Access: Trusted & Error (All services are on single server with HA)
- RD Gateway: Trusted & OK

> RD Gateway specific certificates are also uploaded through the RD Gateway Manager.
> RD Connection Broker HA DNS RR is set to remote.domain.com in the deployment properties.
> RD Gateway server name is also configured to remote.domain.com in the deployment properties.
> RD Gateway HA is configured with NLB on the second NIC of each server, with cluster name also set to remote.domain.com.

I've configured the Gateway RAP to only allow connection to the RD Server Farm through the DNS RR name, being remote.domain.com, which we have also configured in our local DNS server to point to the RDCB.

Now, when I try to connect through RD Gateway, I sometimes get the below error.
Remote Desktop can't connect to the remote computer "remote.domain.com" for one of these reasons:
1) Your user account is not listed in the RD Gateway's permission list
2) You might have specified the remote computer in NetBIOS format (for example, computer1), but the RD Gateway is expecting an FQDN or IP address format (for example computer1.fabrikam.com or 157.60.0.1).
Contact your network administrator for assistance.

I don't get this error when I open a RemoteApp in the same session.
When I add the farm members (using local server name) individually to the network resources, this works, but then I get the certificate mismatch. (This is also specified on the Network resources tab:Note: if you are using a Remote Desktop Session Host server farm, the name of the farm and the name of each member must be specified in the computer group.)

Name mismatch
Requested remote computer: servername.domain.local
Name in the certificate from the remote computer: *.domain.com

I've searched the internet for days now, but haven't found a solution yet. Or I must be doing something wrong.
Need to note that I've also tried adding the servers to the network resources using a different DNS name (rds01.domain.com, rds02.domain.com), but that doesn't seem to do anything. Then I get the error again (Remote Desktop can't connect...)

Hope I'm missing something here, cause I don't want local server name or IP to be visible.

Hiya,

For various reasons we are deploying RDS 2012R2 via our shiny new SSL VPN portal provided by our Firewall, the firewall proxys and obscures the address of any URLs that are opened through it.

As a result when you try and browse to the rdweb url you get an error message in IE:

The XML page cannot be displayed. Cannot view XML input using XSL style sheet.....

If i do the same with Chrome it partially loads but spits out errors in the Developer Tools:

"Unsafe attempt to load URL https://InternalServerHostname.domain.com/RDWeb/Pages/en-US/RDWAStrings.xml from frame with URL https://sslVPNURL.domain.com/proxy/https/obscuredURL/RDWeb/Pages/en-US/login.aspx?ReturnURL=/RDWeb/Pages/en-US/Default.aspx Domains, protocols and ports must match"

So from doing research it does seem that issue is down to trying to load the XSL sheet from a URL that is different from the URL open in the browser - looking at it, it appears that the XSL performs a look up of the local host URL and uses that to then provide the html headers etc. that includes href="https://InternalServerHostname.domain.com/RDWeb/Pages/en-US/"

Has anyone encountered this before and if so how did you get round it (yes I am aware of the RD Gateway, we are trying to avoid using that if possible as our Firewall provides excellent logging that we can't get from the gateway). In my mind it involves modifying the XSL or aspx files so that either the XSL is embedded in the same file, or that the URLs are all set to relative not something based on a lookup. I know relative works as our intranet loads fine and all of the href's are relative.

Thoughts on postcards, and try to avoid mocking the use of an SSL VPN portal over the Gateway please.... :)

How many surrealists does it take to change a lightbulb?

Two - one to hold the bulb and the other to put the clocks in the bathtub.

Hello,

I've been working with a Windows 2012R2 server that was thoroughly mishandled by another engineer. this engineer decided it was a good idea to mess with the local profile of the administrator account (among others) and ended up bricking the server practically completely. Some other engineer managed to salvaged what was left by doing an upgrade and making the server somewhat usable. That's where I came in. To initially solve some permission issues but ending up solving a whole host of other issues (Powershell was totally messed up, Powershell remoting didn't work, ServerManager started up but gave errors, and so on ...)

I made it possible again to publish remote apps without it erroring out (renaming the collection was in the process). But now I'm still facing one issue, the remote apps are not visible in the RWeb page. No icons, nothing. I've tripple-checked every setting, permission and whatnot but nothing budges. I've searched the Internet high and low, tried many, many suggestions made in many, many blogs, but I think something is still not working like it should and I can't pinpoint it. I'm also unable for some reason to connect to the rdweb page from another PC, only locally.

The many logs don't shed any light on the situation either. And yes, all this time spent on trying to fix the issue could've been better spent rebuilding the server, but as is often the cause, this is not really possible at the moment.

So I'm looking for some ideas, tips, anything to get me on the path again.Thanks for any help at all!

Hi all,

Problem:

Default printer changes every time when connecting to the remote session. Sometimes it sets the client’s local printer as default and sometimes it makes the PDF printer as default. Most clients connecting to the RD server are Macs (via the RD app) and iPads (RDP app for iPads).

Environment:

• Server 2012 R2 running RD gateway
• Authenticating to AD (separate VM)
• Printers: network printers

What I have tried so far:

• Disable printer redirection from the RD app (didn’t work)
• Enable GP Do no set default client printer to be default printer in a session (didn’t work)
• Enable GP Do not allow client printer redirection (didn’t work)
• Set the following registry key (in AD) - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\Client Side Rendering Print Provider RemovePrintersAtLogoff VALUE: 0

Hello, 

1. Probelm:  Endcustomer claim GUI Lag particular in SAP Client GUI during normal operations, switchen menues/windows
2. Endcustomer uses simple Windows 7 PCs as  WTS Client.
3. No Problem on the local windows 7 maschine with SAP Client Gui  behavior

currently Idea´s  of troubleshouting / making SAP Client GUI faster:

1. check this out: http://support.citrix.com/article/CTX127399

2. (but I am not sure whether SAP Client GUI is using JAVA  (increase Java Heap Size http://www.wikihow.com/Increase-Java-Memory-in-Windows-7)

3.looking into PerfMon  Tool and try to generate cinclusion  ( well - I don´t have experience with that)

4. I didn´t know if REMOTE FX would improve the above mentioned problem, I understand not.  (mostly for OPEN GL/Direct X requirements)

5. I didn understand the Tuning Tools of VMware yet.  

What do you suggest?

My Idea:   Waiting for Server 2016 Release and make a new Try. 

our system:  2 x HPE DL380 G8 with EMC Storage and 4 WTS 2008 R2 Server with Broker Service on it.  (each 24 GB RAM and much CPU) (extra SQL Database Server) approx. 50-100 User

Hello everyone.

I installed remote desktop CAL for 5 users on server 2012 r2 foundation but when I check RD Licensing Diagnoser i got this problem :

The Remote Desktop Session Host server is in Per User licensing mode and No Redirector Mode, but license server simhp3 does not have any installed licenses with the following attributes:
Product version: Windows Server 2012
Licensing mode: Per User

How can I solve this?

Thanks



Hi,

I'm deploying RDS 2012R2 into Azure with the following configuration:

1 x Domain Controller (RDS Licensing server)

1 x Connection Broker

1 x Gateway Server (Web server is also installed)

2 x Session Hosts

I've managed to get everything working, except for the fact that I'm getting the following error:

Kenneth Bess - http://www.systemcenterblog.net

I've been struggling with this for a while, and maybe it's just something that can't be done.  Or I just don't have things setup correctly.  Here are my server specs:

(2) E5-2697 v4 CPU

512GB RAM

4 960GB SM863 SSDs in RAID 10 array with LSI 3108 RAID controller

10 Gb network connection on server, 1Gb at client

Grid K1

So, hardware wise you'd think I'd be good to go.  I'm trying to play 720p videos from Youtube full screen, and maybe I'm expecting too much, but the quality just isn't great.  It's not smooth at all - it's not breaking up or pixelating, but  it's losing frames and jerky.  I've tried vGPU and no vGPU, Windows 8.1, Win 10 LTSB, and Win 10 1607.  With vGPU, I can get 60 fps in the fishbowl demo with 100 fishes, but the video, no go.  Windowed in Youtube is fine.

The VM has 2 vCPUs and dynamic memory up to 4GB.

So the first question is whether or not this is even possible so I'm not wasting time.  After that, what tuning parameters should I try?  There isn't a ton of info on this in searching, but I can verify that I'm using UDP.  I was wanting to test h.264 444 with 2016, but the Grid drivers won't load with that OS and my server, for whatever reason.

Thanks for any help you can provide.

Hello All,

My configuration is as follows:

All servers are 2012 R2 and all roles are on separate virtual servers unless otherwise noted.

Server Name - Function 

RDCB - Remote desktop connection broker in HA

RDCB2 - Remote desktop connection broker in HA

RDWA - Remote desktop web access server (Internal)

RDVH - remote desktop virtualization host

RDGW / RDWA - remote desktop gateway server and Web access (DMZ joined to RODC)

RDUPD - User profile disk server

All of the servers outside of the RDVH are part of a 17 node Microsoft cluster with over a TB of memory and 40GB/s network speed.

All of the storage is connected to a 3par SAN.

All connections (even internal ones) go through the gateway server. The connection issues I'm about to describe is intermittent but the error logs are always the same.

On the connection broker I get the following errors:

Event ID: 1306

Source: TerminalServices-SessionBroker-Client\Operational

Message: 

Remote Desktop Connection Broker Client failed to redirect the user USERNAME. 
Error: Unspecified error  Sometimes there is NULL but always the same message.

The other error on the connection broker is:

Event ID: 1296

Source:

Message:  TerminalServices-SessionBroker-Client\Operational

Remote Desktop Connection Broker Client failed while getting redirection packet from Connection Broker.
User : USERNAME 
Error: Element not found. 

The errors are usually in succession and I usually get error 1296 first then 1306.

The only other server I can find errors is on the RDVH. These errors have to deal with the UPD's (User profile disks) 

On the RDVH I get the following errors:

Event ID: 8479

Source: TerminalServices-TSV-VmHostAgent/Operational

Message: 

Remote Desktop Virtualization Host could not run the Hyper-V WMI job.

Error description: NULL
See also Hyper-V event logs
Hresult: 0x80078000

Event ID: 4890

Source: TerminalServices-TSV-VmHostAgent/Admin

Message: 

Remote Desktop Virtualization Host could not apply a user desktop for a user account with a SID of <SID>. A temporary profile was enforced for the user. Verify that the user profile disk settings are correct.

Virtual desktop name: VMName
Error: 0x1.0

Event ID: 4893

Source: TerminalServices-TSV-VmHostAgent/Admin

Message: 

Remote Desktop Virtualization Host could not attach a user profile disk to the virtual desktop for a user account with a SID of <SID>.

Virtual desktop name: VMName
Hresult: 0x80078000

To go with the above errors I have noticed that the UPD's don't always get unmounted when a user logs off.  This has caused some of the connecting issues I noticed above. I know this because I will have a user not being able to connect, Ill find that their UPD is still mounted from the last time they successful connected. I'll unmount the UPD and they can connect again.

 All of my clients go strait to a VM, so I do not have a session broker, so the connection issues be referenced in the event log do not make any sense. If anyone can shed any light on this I would be grateful 

Thanks,

Scott

Hi,

I am trying to manage my RDS farm from RSAT 1.2 on my Windows 10 x64 machine.

I have added all the RDSH servers and the broker server to server manager. I manage all these with a domain administrator account as my own account does not have rights to manage these servers, this is fine as it retrieves the status of all the servers after changing the management account.

When I click on Remote Desktop Services -> Overview it comes up with this messaged pictured below:

All these services are running on the connection broker server. If I view the same interface in server manager on the broker server, I can see all of the collections and manage them with no issue.

Remote management is enabled on the broker server, so why is server manager on my machine failing to connect to it?

Hi,

We are running a Windows Server 2012 R2 for RDP access. I just found that some users somehow could saved files / create folders on the C drive on the server. Can someone please let me know how I can restrict users to create folders / files on C drive? The User profile disks are located on the C as well.

Thanks,

Jason

We have two Windows 2008 R2 server as remote desktop servers for clients to access remotely. We use Remote Control to access the client remote session whenever they have a problem.  That works fine. However, since yesterday, we can't remote control one client remote session with this error: Requested session denied remote control.

I have tried two different domain admin accounts. All get the same error. Any suggestions?

Bob Lin, MCSE & CNE Networking, Internet, Routing, VPN Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net How to Install and Configure Windows, VMware, Virtualization and Cisco on http://www.HowToNetworking.com

When I run the commands while logged in I get the results immediately. This is not in a "run as administrator" session. This is a newish 2012 R2 install.

Here is from opening PS right from the desktop:

====

PS U:\> hostname
RDCB001

PS U:\> Import-Module remotedesktop

PS U:\> Get-RDServer -ConnectionBroker rdcb002.ads.local
Server                                             Roles                                                                                              
------                                             -----                                                                                              
RDCB001.ADS.LOCAL                                  {RDS-CONNECTION-BROKER}    

====

Now, from a pssession:

=====

$username = "ads\admin.acct"
$password = ConvertTo-SecureString "Mypassword" -AsPlainText -Force

$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
$currsess = New-PSSession -ComputerName rdcb001.ads.local -Credential $cred
Enter-PSSession -Session $currsess

[rdcb001.ads.local]: PS C:\Users\admin.curtis\Documents> whoami
ads\admin.acct
[rdcb001.ads.local]: PS C:\Users\admin.curtis\Documents> hostname
RDCB001

[rdcb001.ads.local]: PS C:\Users\admin.curtis\Documents> import-module remotedesktop

[rdcb001.ads.local]: PS C:\Users\admin.curtis\Documents> Get-RDServer -ConnectionBroker rdcb002.ads.local
Get-RDServer : The RD Connection Broker server is not available. Verify that you can connect to the RD Connection Broker server.
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDServer

======

I only have 2 broker servers, and it does the same regardless of the -connectionbroker value (the example here is after making sure that the active broker is this server)

I get the same error when running this from orchestrator as a "run a command" with powershell -file c:\script\blah.ps1

We have a customer that uses thin clients and multiple RDS servers for the majority of their users. They use a software application that contains a feature which will open a new email message window from within Outlook to simplify the process of sending an email when needed in their workflow.  When the customer was running Exchange 2010, this feature worked correctly, but after upgrading to Exchange 2013, the new email message window does not open in Outlook when prompted from the other application. Instead, the user is prompted by Outlook to enter their credentials.  Whether the user cancels the prompt or enters their credentials correctly, authentication fails and they are immediately prompted for credentials again, over and over.

We have ruled out anything specific with the third-party application.  We know it works fine with other customers on Exchange 2013 (and other customers using RDS servers) and for the users at our customer site that have full PCs that are not using the RDS servers. Only the RDS users at this customer site face this issue.  We also known the same issue occurs if the RDS users click any "MAILTO" hyperlinks or shortcuts, thus eliminating the third-party application from the equation.

The customer is running 4 RDS servers (WS 2008 R2) and a separate Exchange 2013 mail server within their network.  The users have Personal Desktop VDIs running Windows 7 with Outlook 2010 in "online" mode (it is worth mentioning that the same credential prompt behavior occurs in "cached" mode as well, but the email message windowwill open after credentials are successfully entered). When running a network trace, we see that there are a number of HTTP 401 errors with authentication going to the Exchange server (this occurs if authentication is set to "Basic", "NTLM" or "negotiate").  Again, this was not an issue while on Exchange 2010 and non-RDS users do not have this issue while now on Exchange 2013.

Perhaps the issue is with the user profiles in the RDS environment (registry values for Exchange/Outlook need to be updated somehow)?  Perhaps the RDS sessions cannot communicate properly with Exchange since 2013 switched to using RPC over HTTPS?  Perhaps the RDS user logins are not set properly for the correct mail profile to be identified/assigned/authorized? We are trying to advise the customer where the issue lies, and could use some advice.